It is an essential part of the RTS Quality Promise that we provide product security and protect our customers’ privacy throughout the entire product life cycle. To achieve this RTS established a global Product Security Team and made security an integral part of RTS’ processes. The Product Security Incident Response Team (PSIRT) is the central point of contact for external security researchers, partners, and customers to report security concerns related to products of RTS.
Apache Log4j Vulnerability
We are aware of the Apache Log4j Vulnerability (CVE-2021-44228) “Log4Shell”.
Our Remote Portal and Cloud Analytics Services are all patched to a non-vulnerable version of Log4j and were not impacted.
Product Security throughout the life cycle of RTS’ products & services
In order to provide secure and reliable products for our customers, we have established security and data protection as fundamental requirements of our products during the entire life cycle.
Security with Supplier
We have high quality requirements for purchased products. To ensure security of purchased products, modules and components we evaluate each supplier with respect to product security, as an integral part of our purchasing process.
Security Engineering Process
Security Engineering Process is a core part in our product development. Whenever we develop a new product, we conduct a comprehensive Threat and Risk Analysis, and create an individual Security Concept for the product and its integration into a complete solution. During design phase and before release we ensure product security by comprehensive testing (security and penetration tests). Any following updates, patches or upgrades will undergo the same rigorous tests, and will only be deployed once they have proven to be secure.
Vulnerability & Incident Management
Because requirements are constantly changing, 100% security is never guaranteed. Therefore a structured Vulnerability and Incident Management Process is established to professionally manage potential product security vulnerabilities and incidents.
Reporting Product Security Vulnerabilities
RTS takes security very seriously, and investigates all vulnerability reports.
Whenever you think you have identified a vulnerability or any other security issue related to an RTS product or service, please contact the Product Security Incident Response Team (PSIRT):